Merge pull request #10998 from johnson-yi/fixes/saml_logout

Fixes #10980 - Prevent immediate saml login after normal logout
2024-12-26 06:04:08 -08:00 · 2022-04-30 19:49:54 +01:00 · 2022-04-30 19:49:54 +01:00 · 313150e6dd
parent c8d5445178 281c6df7b3
commit 313150e6dd
2 changed files with 17 additions and 10 deletions
--- a/app/Http/Controllers/Auth/LoginController.php
+++ b/app/Http/Controllers/Auth/LoginController.php
@ -68,15 +68,17 @@ class LoginController extends Controller
            return redirect()->intended('/');
        }

-        // If the environment is set to ALWAYS require SAML, go straight to the SAML route.
-        // We don't need to check other settings, as this should override those.
-        if (config('app.require_saml')) {
-            return redirect()->route('saml.login');
-        }
+        if (!$request->session()->has('loggedout')) {
+            // If the environment is set to ALWAYS require SAML, go straight to the SAML route.
+            // We don't need to check other settings, as this should override those.
+            if (config('app.require_saml')) {
+                return redirect()->route('saml.login');
+            }


-        if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == '1' && ! ($request->has('nosaml') || $request->session()->has('error'))) {
-            return redirect()->route('saml.login');
+            if ($this->saml->isEnabled() && Setting::getSettings()->saml_forcelogin == '1' && ! ($request->has('nosaml') || $request->session()->has('error'))) {
+                return redirect()->route('saml.login');
+            }
        }

        if (Setting::getSettings()->login_common_disabled == '1') {
--- a/resources/views/auth/login.blade.php
+++ b/resources/views/auth/login.blade.php
@ -36,6 +36,7 @@
                                <!-- Notifications -->
                                @include('notifications')

+                                @if (!config('app.require_saml'))
                                <div class="col-md-12">
                                    <!-- CSRF Token -->

@ -59,10 +60,10 @@
                                        </div>
                                    </fieldset>
                                </div> <!-- end col-md-12 -->
-
+                                @endif
                            </div> <!-- end row -->

-                            @if ($snipeSettings->saml_enabled)
+                            @if (!config('app.require_saml') && $snipeSettings->saml_enabled)
                            <div class="row ">
                                <div class="text-right col-md-12">
                                    <a href="{{ route('saml.login')  }}">{{ trans('auth/general.saml_login')  }}</a>
@ -71,12 +72,16 @@
                            @endif
                        </div>
                        <div class="box-footer">
+                            @if (config('app.require_saml'))
+                            <a class="btn btn-lg btn-primary btn-block" href="{{ route('saml.login')  }}">{{ trans('auth/general.saml_login')  }}</a>
+                            @else
                            <button class="btn btn-lg btn-primary btn-block">{{ trans('auth/general.login')  }}</button>
+                            @endif
                        </div>
                        <div class="text-right col-md-12 col-sm-12 col-xs-12" style="padding-top: 10px;">
                            @if ($snipeSettings->custom_forgot_pass_url)
                                <a href="{{ $snipeSettings->custom_forgot_pass_url  }}" rel="noopener">{{ trans('auth/general.forgot_password')  }}</a>
-                            @else
+                            @elseif (!config('app.require_saml'))
                                <a href="{{ route('password.request')  }}">{{ trans('auth/general.forgot_password')  }}</a>
                            @endif